As a provider of medical services to public, we are committed to compliance with the requirements of the Personal Health Information Protection Act, 2004 (PHIPA) and Health Insurance Portability and Accountability Act of 1996 (HIPAA). These requirements pertain to the security and confidentiality of Personal Health Information (PHI). The Health Insurance Portability and Accountability Act, also known as HIPAA, creates solutions to address two distinct issues within the medical field. The first part of HIPAA addresses health insurance. It regulates health insurance coverage when employees leave their current place of employment. The second part of HIPAA addresses quality, security, and privacy standards for electronic medical records. An electronic medical record is a tool that can greatly improve the quality and accuracy of patient health care records but must be monitored to prevent protected health information from being obtained by unauthorized individuals. We have introduced detailed procedures and systems to ensure that Personal Health Information (PHI) is used and disclosed in accordance with PHIPA/HIPAA rules and regulations. Procedures and systems introduced include: Confidentiality agreement with all the employees having access to PHI Electronic access control monitoring Mandatory training programs on handling PHI Standard operating procedures for data backups and disaster recovery Routine and event based internal audits for HIPAA compliance Credentials and background check of employee.